Key Activities and Objectives
Cyber Security Intelligence
For a connected nation, there is a need to conduct proactive research for cyber threats and ensure that attacks can be detected and prevented before they cause real harm. Cyber security intelligence aims to stay vigilant against possible cyber threats that may arise in today’s networked world, through threat monitoring, trend analysis and advisories.
Initiatives in Cyber Security Intelligence include:
- Establishing a Security Operations Center to monitor cyber
- Security related issues
- Providing trend analysis of potential threats and sharing
- Information with stakeholders
- Assisting in detection and prevention of national incidents
Cyber Incident Management and Coordination
The Cyber Security Division aims to contain any possible damage that may arise from incidents. The key is to help organizations and citizens in Qatar respond appropriately to incidents through timely reporting, analysis and effective mitigation strategies.
Cyber Security Strategy, Policy, Legislation and Compliance
To ensure that all sectors and entities are aware of their obligations towards Cyber Security, it is necessary to ensure that national legislation and policies are defined.
A National Information Assurance Framework (NIAF) was developed to include a set of cyber security legislations, standards and guidelines to assure securing information assets. The scope of this framework covers E-commerce and related transactions, Internet infrastructure security, and protection of critical infrastructure information.
Cyber Security Resilience
To improve the information security posture within the government sector, the Cyber Security Division directs its efforts towards improving the cyber security resilience by conducting risk and security assessments and enabling resilience management. These services help organizations design and maintain their information infrastructure in conformance with relevant standards that conform to accepted global best practices.
Cyber Security Education and Enhancing Technical Capabilities
Technology can deliver its intended benefits only when it is used securely. Understanding the need to empower users with cyber security knowledge to make the most of the available technology, the Cyber Security Education and Training initiative offers a rich series of workshops, tutorials and briefings tailored specifically for technology users. Experienced instructors conduct workshops in both English and Arabic, sharing their expertise and knowledge in sound technology practices.
Critical Information Infrastructure Protection
The Critical Information Infrastructure Protection (CIIP) team is concerned with the protection of the information assets in critical sectors, such as energy and finance. The CIIP team provides and supports essential services that are critical to maintain the quality of life in the State of Qatar. To serve this purpose, the CIIP team studies the needs of specific sectors and their cyber security maturity levels, continuously analyses the risks and conducts annual national cyber drills. These studies lead to the development of protection strategies, practice frameworks and tools, technical standards and policies and compliance frameworks by working closely with stakeholders. The CIIP team is also responsible for overseeing the PPP model of IRECs, which is a sector specific trusted platform for sharing cyber security related matters.
For detailed information about the activities of the Cyber Security Division, please visit Q-CERT website.